Skip Headers
Oracle® Fusion Middleware Installation Guide for Oracle Identity Management
11g Release 1 (11.1.1)

Part Number E12002-11
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

4 Performing Common Installation Tasks

This chapter describes tasks that are common to most Oracle Identity Management installations and configurations. It includes the following topics:

Note:

By completing the common installation tasks in this chapter, you are not installing or configuring Oracle Identity Management software.

For complete information about installing Oracle Identity Management software, see the following:

For complete information about configuring Oracle Identity Management software, see the individual component specific chapters in the following links:

4.1 Common Installation Tasks for Oracle Identity Management (11.1.1.6.0)

This section discusses the following topics:

4.1.1 Identifying Installation Directories

This topic describes directories you must identify in most Oracle Identity Management installations and configurations—it does not describe one particular Installer screen. During installation, you will have to identify other component-specific directories not described in this topic.

The common directories described in this section include the following:

4.1.1.1 Oracle Middleware Home Location

Identify the location of your Oracle Middleware Home directory. The Installer creates an Oracle Home directory for the component you are installing under the Oracle Middleware Home that you identify in this field. The Installer also creates an Oracle Common Home directory under the Oracle Middleware Home. The Oracle Common Home contains the binary and library files required for Oracle Enterprise Manager Fusion Middleware Control and Oracle Java Required Files (JRF). There can be only one Oracle Common Home within each Oracle Middleware Home.

The Oracle Middleware Home directory is commonly referred to as MW_HOME.

Note:

To install Oracle Identity Management components in an existing Oracle WebLogic Server administration domain, each Oracle Middleware Home directory in the domain must have identical directory paths and names.

4.1.1.2 Oracle Home Directory

Enter a name for the component's Oracle Home directory. The Installer uses the name you enter in this field to create the Oracle Home directory under the location you enter in the Oracle Middleware Home Location field. The Installer installs the files (such as binaries and libraries) required to host the component in the Oracle Home directory.

The Oracle Home directory is commonly referred to as ORACLE_HOME.

Note:

To install Oracle Identity Management components in an existing Oracle WebLogic Server administration domain, each Oracle Home directory in the domain must have identical directory paths and names.

4.1.1.3 WebLogic Server Directory

Enter the path to your Oracle WebLogic Server Home directory. This directory contains the files required to host the Oracle WebLogic Server. It is commonly referred to as WL_HOME.

Note:

To install Oracle Identity Management components in an existing Oracle WebLogic Server administration domain, each Oracle WebLogic Server Home directory in the domain must have identical directory paths and names.

4.1.1.4 Oracle Instance Location

Enter the path to the location where you want to create the Oracle Instance directory. The Installer creates the Oracle Instance directory using the location you enter in this field and using the name you enter in the Oracle Instance Name field. Do not enter a path to an existing directory that contains files—if you enter a path to an existing directory, that directory must be empty.

The Installer installs the component's configuration files and runtime components in the Oracle Instance directory. Runtime components will write only to this directory. You can identify any location on your system for the Oracle Instance directory—it does not have to reside inside the Oracle Middleware Home directory.

4.1.1.5 Oracle Instance Name

Enter a name for the Oracle Instance directory. The Installer uses the name you enter in this field to create the Oracle Instance directory at the location you specify in the Oracle Instance Location field. This directory is commonly referred to as ORACLE_INSTANCE.

Instance names are important because Oracle Fusion Middleware uses them to uniquely identify instances. If you install multiple Oracle Fusion Middleware instances on the same computer, for example, an Oracle Identity Management instance and an Oracle WebLogic Server instance, you must give them different names.

The name you enter for the Oracle Instance directory must:

  • Contain only alphanumeric and underscore (_) characters

  • Begin with an alphabetic character (a-z or A-Z)

  • Consist of 4-30 characters

  • Not contain the hostname or IP address of the computer

Note:

You cannot change the Oracle Instance name after installation.

4.1.2 Determining Port Numbers

If you want to install an Oracle Identity Management 11g Release 1 (11.1.1) component against an existing Oracle Identity Management 11g Release 1 (11.1.1) component, you may need to identify the ports for the existing component. For example, if you want to install Oracle Directory Integration Platform 11g Release 1 (11.1.1) against an existing Oracle Internet Directory 11g Release 1 (11.1.1) component, you must identify its port when you install Oracle Directory Integration Platform.

You can get information about ports using the following:

  • WebLogic Server Administration Console.

    Log in to the Administration Console. Click on Servers under Environment to see what ports are in use for the Administration Server and Managed Servers.

  • $ORACLE_INSTANCE/config/OPMN/opmn/ports.prop

    Note:

    If you change a component's port number after installation, the ports.prop file is not updated.

  • The $ORACLE_INSTANCE/bin/opmnctl status -l command to see port numbers of components managed by OPMN.

4.1.3 Optional: Configuring the Minimum Amount for Oracle WebLogic Server's Maximum Heap Size

After installing Oracle Identity Management 11g Release 1 (11.1.1), if you want to configure the minimum (lowest) level of maximum heap size (-Xmx) required for Oracle WebLogic Server to host Oracle Identity Management components, perform the steps in this section.

Note:

This is an optional step, typically performed only for test, development, or demonstration environments.

The minimum (lowest) levels for maximum heap size are:

  • Oracle WebLogic Administration Server: 512 MB

  • Oracle WebLogic Managed Server: 256 MB

Perform the following steps to configure the heap size for Oracle WebLogic Administration Servers and Oracle WebLogic Managed Servers:

  1. Open the setDomainEnv script (.sh or .bat) in the MW_HOME/user_projects/domains/DOMAIN_NAME/bin/ directory.

  2. Locate the last occurrence of the EXTRA_JAVA_PROPERTIES entry.

  3. In the last occurrence of the EXTRA_JAVA_PROPERTIES entry, locate the last occurrence of heap size parameters: -Xmx, -Xms, and so on.

    Note:

    These are the heap size parameters for the Oracle WebLogic Administration Server.

  4. Set the heap size parameters (-Xms and -Xmx) for the Oracle WebLogic Administration Server as desired, for example: -Xms256m and -Xmx512m

  5. To set the heap size parameters for the Oracle WebLogic Managed Server, enter the text in Example 4-1 immediately below the last occurrence of the EXTRA_JAVA_PROPERTIES entry and:

    • Set the heap size parameters (-Xms and -Xmx) as desired, for example: -Xms256m -Xmx256m

    • Replace wls_ods1 with the name of the Oracle WebLogic Managed Server hosting Oracle Directory Services Manager.

    • Replace wls_oif1 with the name the Oracle WebLogic Managed Server hosting Oracle Identity Federation.

    Example 4-1 Heap Size Parameters for Oracle WebLogic Managed Server

    if [ "${SERVER_NAME}" = "wls_ods1" -o  "${SERVER_NAME}" = "wls_oif1" ] ; then
            EXTRA_JAVA_PROPERTIES=" ${EXTRA_JAVA_PROPERTIES} -Xms256m -Xmx256m "
            export EXTRA_JAVA_PROPERTIES
    fi
    
  6. Save and close the setDomainEnv script.

  7. Restart the Oracle WebLogic Administration Server and the Oracle WebLogic Managed Server by referring to Appendix D, "Starting or Stopping the Oracle Stack."

Note:

On UNIX systems, if you execute the ps -ef command and grep for AdminServer or the name of the Oracle WebLogic Managed Server (for example, ps -ef | grep AdminServer or ps -ef | grep wls_oif1), the output contains multiple occurrences of heap size parameters (-Xmx and -Xms).

Be aware that the last occurrence of the heap size parameters in the output are effective and have precedence over the preceding occurrences.

4.1.4 Locating Installation Log Files

The Installer writes log files to the ORACLE_INVENTORY_LOCATION/logs directory on UNIX systems and to the ORACLE_INVENTORY_LOCATION\logs directory on Windows systems.

On UNIX systems, if you do not know the location of your Oracle Inventory directory, you can find it in the ORACLE_HOME/oraInst.loc file.

On Microsoft Windows systems, the default location for the inventory directory is C:\Program Files\Oracle\Inventory\logs.

The following install log files are written to the log directory:

  • installDATE-TIME_STAMP.log

  • installDATE-TIME_STAMP.out

  • installActionsDATE-TIME_STAMP.log

  • installProfileDATE-TIME_STAMP.log

  • oraInstallDATE-TIME_STAMP.err

  • oraInstallDATE-TIME_STAMP.log

  • opatchDATE-TIME_STAMP.log

4.2 Common Installation Tasks for Oracle Identity and Access Management (11.1.1.5.0)

This section discusses the following topics:

4.2.1 Starting an Installation

This topic explains the steps that are common to starting most Oracle Identity and Access Management installations and configurations. It begins with starting the Installer and ends after you complete the steps on the Prerequisites Check screen.

Notes:

  • If you are installing on an IBM AIX operating system, you must run the rootpre.sh script from the Disk1 directory before you start the installer.

  • Starting the Installer as the root user is not supported.

Perform the following steps to start an Oracle Identity and Access Management installation:

  1. Extract the contents of the ofm_iam_generic_11.1.1.5.0_disk1_1of1.zip file to a directory.

  2. Move to the Disk1 directory.

  3. Start the Installer by executing one of the following commands:

    UNIX: <full path to the runInstaller directory>/runInstaller -jreLoc <Middleware Home>/jrockit_1.6.0_24/jre

    Windows: <full path to the setup.exe directory>\ setup.exe -jreLoc <Middleware Home>\jrockit_1.6.0_24\jre

    Note:

    The installer prompts you to enter the absolute path of the JDK that is installed on your system. When you install Oracle WebLogic Server, the jrockit_1.6.0_24 directory is created under your Middleware Home. You must enter the absolute path of the JRE folder located in this JDK when launching the installer. For example, on Windows, if the JRE is located in D:\oracle\Middleware\jrockit_1.6.0_24, then launch the installer from the command prompt as follows:

    D:\setup.exe -jreLoc D:\oracle\Middleware\jrockit_1.6.0_24\jre

    If you do not specify the -jreLoc option on the command line when using the Oracle JRockit JDK, the following warning message is displayed:

    -XX:MaxPermSize=512m is not a valid VM option. Ignoring

    This warning message does not affect the installation. You can continue with the installation.

    On 64 bit platforms, when you install Oracle WebLogic Server using the generic jar file, the jrockit_1.6.0_24 directory will not be created under your Middleware Home. You must enter the absolute path of the JRE folder from where your JDK is located.

    After the Installer starts, continue by referring to Installing and Configuring Oracle Identity and Access Management (11.1.1.5.0).

4.2.2 Starting Oracle Fusion Middleware Configuration Wizard

To start the Oracle Fusion Middleware Configuration Wizard, which is used to configure Oracle Identity and Access Management products in a new or existing WebLogic administration domain, run the <MW_HOME>/oracle_common/bin/config.sh script (on UNIX). On Windows, run the <MW_HOME>\oracle_common\bin\config.cmd script. The Oracle Fusion Middleware Configuration Wizard is displayed.

Note:

When you run the config.cmd or config.sh command, the following error message might be displayed:

*sys-package-mgr*: can't create package cache dir

The error message indicates that the default cache directory is not valid. You can change the cache directory by including the -Dpython.cachedir=<valid_directory> option in the command line.

After starting the Oracle Fusion Middleware Configuration Wizard, configure Oracle Identity and Access Management products, as described in the following links:

4.2.3 List of Executable Files

Table 4-1 lists the executable files that are included in the Oracle WebLogic Server, Oracle Identity and Access Management, Oracle SOA Suite, Oracle Web Tier, and Oracle HTTP Server 11g Webgate for Oracle Access Manager Installers.

Table 4-1 Executable Files

File Description

ofm_iam_generic_11.1.1.5.0_disk1_1of1.zip

After you extract the contents of the ofm_iam_generic_11.1.1.5.0_disk1_1of1.zip file to a directory, you can see the executable file runInstaller (for UNIX) or setup.exe (for Windows) in the Disk1 directory.

Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0) Installer for Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, and Oracle Identity Navigator

wls_linux32.bin for 32-bit Linux systems, wls_win32.exe for 32-bit Windows systems, and wls_generic.jar for all 64-bit platforms

Oracle WebLogic Server Installer

soa.zip

After you extract the contents of the soa.zip file to a directory, you can see the executable file runInstaller (for UNIX) or setup.exe (for Windows) in the Disk1 directory.

Oracle SOA Suite 11g Release 1 Installer

soa_patchset.zip

After you extract the contents of the soa_patchset.zip file to a directory, you can see the executable file runInstaller (for UNIX) or setup.exe (for Windows) in the Disk1 directory.

Oracle SOA Suite 11g Release 1 Patch Set Installer

webtier.zip

After you extract the contents of the webtier.zip file to a directory, you can see the executable file runInstaller (for UNIX) or setup.exe (for Windows) in the Disk1 directory.

Oracle Web Tier 11g Release 1 (11.1.1) Installer

webgate.zip

After you extract the contents of the webgate.zip file to a directory, you can see the executable file runInstaller (for UNIX) or setup.exe (for Windows) in the Disk1 directory.

Oracle HTTP Server 11g Webgate for Oracle Access Manager Installer

rcuHome.zip

After you extract the contents of the rcuHome.zip file to a directory, you can see the executable file rcu in the BIN directory.

Oracle Fusion Middleware Repository Creation Utility (RCU)


4.2.4 Identifying Installation Directories

This topic describes directories you must identify in most Oracle Identity and Access Management installations and configurations—it does not describe one particular Installer screen. During installation, you will have to identify other component-specific directories not described in this topic.

The common directories described in this section include the following:

4.2.4.1 Oracle Middleware Home Location

Identify the location of your Oracle Middleware Home directory. The Installer creates an Oracle Home directory for the component you are installing under the Oracle Middleware Home that you identify in this field. The Oracle Middleware Home directory is commonly referred to as MW_HOME.

4.2.4.2 Oracle Home Directory

Enter a name for the Oracle Home directory of the component. The Installer uses the name you enter in this field to create the Oracle Home directory under the location you enter in the Oracle Middleware Home Location field.

The Installer installs the files required to host the component, such as binaries and libraries, in the Oracle Home directory. The Oracle Home directory is commonly referred to as ORACLE_HOME.

Note:

Avoid using spaces in the directory names, including Oracle Home. Spaces in such directory names are not supported.

4.2.4.3 Oracle Common Directory

The Installer creates this directory under the location you enter in the Oracle Middleware Home Location field.

The Installer installs the Oracle Java Required Files (JRF) required to host the components, in the Oracle Common directory. There can be only one Oracle Common Home within each Oracle Middleware Home. The Oracle Common directory is commonly referred to as oracle_common.

4.2.4.4 Oracle WebLogic Domain Directory

A WebLogic domain includes a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain. Usually, you configure a domain to include additional WebLogic Server instances called Managed Servers. You deploy Java components, such as Web applications, EJBs, and Web services, and other resources to the Managed Servers and use the Administration Server for configuration and management purposes only.

Managed Servers in a domain can be grouped together into a cluster.

The directory structure of a domain is separate from the directory structure of the WebLogic Server home. It can reside anywhere; it need not be within the Middleware home directory. A domain is a peer of an Oracle instance.

The Oracle Fusion Middleware Configuration Wizard creates a domain in a directory named user_projects under your Middleware Home (MW_HOME).

4.2.4.5 WebLogic Server Directory

Enter the path to your Oracle WebLogic Server Home directory. This directory contains the files required to host the Oracle WebLogic Server. It is commonly referred to as WL_HOME.

4.2.5 Determining Port Numbers

If you want to install an Oracle Identity and Access Management 11g Release 1 (11.1.1) component against an existing Oracle Identity and Access Management 11g Release 1 (11.1.1) component, you may need to identify the ports for the existing component. For example, if you want to install Oracle Identity Manager 11g Release 1 (11.1.1) against an existing Oracle Internet Directory 11g Release 1 (11.1.1) component, you must identify its port when you install Oracle Identity Manager.

4.2.6 Completing an Installation

This topic explains the steps that are common to completing most Oracle Identity and Access Management installations and configurations. It begins with the steps on the Installation Summary screen and ends after the Installation Complete screen.

When the Installation Summary screen appears, perform the following steps to complete the installation:

  1. Verify the installation and configuration information on the Installation Summary screen.

    • Click Save to save the installation response file, which contains your responses to the Installer prompts and fields. You can use this response file to perform silent installations. Refer to Performing a Silent Installation for more information.

      Note:

      The installation response file is not saved by default—you must click Save to retain it.

    • Click Install. The Installation Progress screen appears.

  2. Monitor the progress of your installation. The location of the installation log file is listed for reference. After the installation progress reaches 100%, click OK. The Installation Complete screen appears.

  3. Click Save to save the installation summary file. This file contains information about the configuration, such as locations of install directories, that will help you get started with configuration and administration.

    Note:

    The installation summary file is not saved, by default—you must click Save to retain it.

    Click Finish to close and exit the Installer.

4.2.7 Locating Installation Log Files

The Installer writes log files to the ORACLE_INVENTORY_LOCATION/logs directory on UNIX systems and to the ORACLE_INVENTORY_LOCATION\logs directory on Windows systems.

On UNIX systems, if you do not know the location of your Oracle Inventory directory, you can find it in the ORACLE_HOME/oraInst.loc file.

On Microsoft Windows systems, the default location for the inventory directory is C:\Program Files\Oracle\Inventory\logs.

The following install log files are written to the log directory:

  • installDATE-TIME_STAMP.log

  • installDATE-TIME_STAMP.out

  • installActionsDATE-TIME_STAMP.log

  • installProfileDATE-TIME_STAMP.log

  • oraInstallDATE-TIME_STAMP.err

  • oraInstallDATE-TIME_STAMP.log

4.2.8 Optional: Updating the WebLogic Administrator Server User Name in Oracle Enterprise Manager Fusion Middleware Control (OIM Only)

Read this section only if the user name for the WebLogic Administrator for the domain is not weblogic. This task is required only if you are using Oracle Identity Manager.

If your WebLogic administrator user name is not weblogic, complete the following steps:

  1. Ensure that the Oracle Identity Manager Managed server is up and running.

  2. Log in to Oracle Enterprise Manager Fusion Middleware Control using your WebLogic Server administrator credentials.

  3. Click Identity and Access > oim > oim(11.1.1.2.0). Right-click and select System MBean Browser. The System MBean Browser page is displayed.

  4. Under Application Defined MBeans, select oracle.iam > Server:oim_server1 > Application: oim > XMLConfig > config > >XMLConfig.SOAConfig > SOAConfig.

  5. View the attribute username. By default, the value of the attribute is weblogic. Change this value to your WebLogic administrator user name.

  6. Click Apply. Exit Oracle Enterprise Manager Fusion Middleware Control.

  7. On the command line, use the cd command to move from your present working directory to the <IAM_Home>/common/bin directory. IAM_Home is the example IDM_Home directory for Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, and Oracle Identity Navigator.

  8. Launch the WebLogic Scripting Tool (WLST) interface as follows:

    On UNIX: Run ./wlst.sh on the command line.

    On Windows: Run wlst.cmd.

    At the WLST command prompt (wls:/offline>), type the following:

    connect()

    You are prompted to enter the WebLogic Administration Server user name, password, and URL. For more information about using the WLST interface, see the topic "Using the WebLogic Scripting Tool" in the guide Oracle Fusion Middleware Oracle WebLogic Scripting Tool.

    1. Run the deleteCred WLST command:

      deleteCred(map="oim", key="SOAAdminPassword");

    2. Run the createCred WLST command, and replace the ADMIN_PASSWORD with your WebLogic administrator password:

      createCred(map="oim", key="SOAAdminPassword", user="xelsysadm",password="<ADMIN_PASSWORD>");

    3. Run the following WLST command to verify the values:

      listCred(map="oim", key="SOAAdminPassword");

    4. Type exit() to exit the WLST command shell.

  9. Open the Oracle Identity Manager Administration Console, and log in as user xelsysadm.

  10. Create a new user for the user name of your WebLogic administrator.

  11. Search for the Administrators role. Open the role details, and click the Members tab.

  12. Remove all the existing members of the Administrators role.

  13. Add the newly created user (the one with your WebLogic administrator user name) as a member of the Administrators role.

  14. Restart Oracle Identity Manager Managed Server, as described in Starting the Stack.